For compliance reasons, an organization needs to ensure that in-scope PCI Kubernetes Pods reside on ג€in-scopeג€ Nodes o
Posted: Mon Aug 01, 2022 9:50 am
For compliance reasons, an organization needs to ensure that in-scope PCI Kubernetes Pods reside on ג€in-scopeג€ Nodes only. These Nodes can only contain the
ג€in-scopeג€ Pods.
How should the organization achieve this objective?
A. Add a nodeSelector field to the pod configuration to only use the Nodes labeled inscope: true.
B. Create a node pool with the label inscope: true and a Pod Security Policy that only allows the Pods to run on Nodes with that label.
C. Place a taint on the Nodes with the label inscope: true and effect NoSchedule and a toleration to match in the Pod configuration.
D. Run all in-scope Pods in the namespace ג€in-scope-pciג€.
ג€in-scopeג€ Pods.
How should the organization achieve this objective?
A. Add a nodeSelector field to the pod configuration to only use the Nodes labeled inscope: true.
B. Create a node pool with the label inscope: true and a Pod Security Policy that only allows the Pods to run on Nodes with that label.
C. Place a taint on the Nodes with the label inscope: true and effect NoSchedule and a toleration to match in the Pod configuration.
D. Run all in-scope Pods in the namespace ג€in-scope-pciג€.